Application & systems design, deployment, provisioning and tooling for cloud services at Anki. Presented at the AdvancedAWS meetup on Jan 21, 2014 at Anki HQ.

Services, analytics and infrastructure
● Provides web & analytics services for Anki
● Example services:
  ○ Gameplay diagnostics
  ○ Game replays
  ○ Customer service platform
  ○ Future Anki DRIVE enhancements

Application design
● Application processes are stateless
● Loose coupling among services
● Configuration is in the environment
● Built for continuous deployment

Systems design
● n+2 redundancy
● Compute resources are ephemeral
● Managed services preferred
● Infrastructure as code
● Single purpose VPCs
● Contract between backing resources and applications

Goal: Continuous deployment
[Flow diagram; node and edge labels: Source Repo commit; GitHub Web Hook; Deploy Worker; Old Release Remains Running; Integration Tests; Deploy to Integration; Deploy to Production; Integration tests pass; SQS; New Release Live; Integration tests fail; Notify; Check for commits; Commit found; DNS Change]

Deployment and Provisioning
● New code, new instances
● Instance store-backed AMIs built with Packer
● AMIs ship with base Docker containers
● Instances provisioned with Ansible

● Base container, service container, release container
● Local dev == Production
● Exceptional community
● Challenges
  ○ Rapidly changing
  ○ Logging
  ○ Debugging

On security
● IAM roles and policies created via CloudFormation
● Intra-VPC traffic authorized by SG ID
● Precise subnetting allows for future network ACLs
● … some credentials still lying around in plain text
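
Added example (not from the original slides and not Anki's code): a small Python audit of a CloudFormation template for two points on the security slide, ingress authorized by security group ID rather than by CIDR, and secrets left in plain text. The template, its resource and parameter names, and the secret-name heuristic are constructed for illustration.

```python
import json
import re
# Constructed sample template fragment (not Anki's). Refs to Vpc, ElbSg and
# DbSg point at resources omitted here for brevity.
TEMPLATE = json.loads("""
{
  "Parameters": {
    "DbPassword": {"Type": "String", "Default": "example-not-a-real-secret"},
    "ApiToken": {"Type": "String", "NoEcho": "true"}
  },
  "Resources": {
    "AppSg": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
      "GroupDescription": "app tier", "VpcId": {"Ref": "Vpc"},
      "SecurityGroupIngress": [
        {"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080,
         "SourceSecurityGroupId": {"Ref": "ElbSg"}},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "CidrIp": "10.0.0.0/16"}]}},
    "DbIngress": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {
      "GroupId": {"Ref": "DbSg"}, "IpProtocol": "tcp", "FromPort": 5432,
      "ToPort": 5432, "SourceSecurityGroupId": {"Ref": "AppSg"}}}
  }
}
""")
SECRET_NAME = re.compile(r"password|secret|token", re.I)  # heuristic, assumed

def ingress_rules(template):
    """Yield (resource name, rule) for inline and standalone ingress rules."""
    for name, res in template.get("Resources", {}).items():
        props = res.get("Properties", {})
        if res.get("Type") == "AWS::EC2::SecurityGroup":
            for rule in props.get("SecurityGroupIngress", []):
                yield name, rule
        elif res.get("Type") == "AWS::EC2::SecurityGroupIngress":
            yield name, props

def audit(template):
    """Flag ingress not keyed on an SG ID and secrets exposed as plain text."""
    findings = []
    for name, rule in ingress_rules(template):
        if "SourceSecurityGroupId" not in rule:
            src = rule.get("CidrIp", "unknown source")
            findings.append(f"{name}: port {rule.get('FromPort')} open to {src}, not an SG ID")
    for pname, param in template.get("Parameters", {}).items():
        exposed = "Default" in param or str(param.get("NoEcho")).lower() != "true"
        if SECRET_NAME.search(pname) and exposed:
            findings.append(f"{pname}: secret-like parameter with Default or without NoEcho")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(TEMPLATE)))
```

On the sample it reports the CIDR-based SSH rule and the `DbPassword` default, and passes the two SG-ID rules and the `NoEcho` parameter.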